Blacklist issue
-
I am facing problem with black list category name [blk_BL_adv]. I am trying to open a website imart.com but squid guard blocking it with Target group: blk_BL_adv. I dont want to allow blk_BL_adv category so I created a white list and allowed imart.com for that group. but problem is still.
I am using black list – http://www.shallalist.de/Downloads/shallalist.tar.gz
kindly help me on this issue. -
Did you position your whitelist so that it comes first in the Common ACL list?
-
Yes I have do the same but the issue is same.
-
I can't even connect to that site. It just hangs and times out. Perhaps you could post some screens of your expanded Common ACL, expanded Groups ACL and your Target Categories.
-
Site is not working with or without pfsense
-
Hello Sir
sorry for delayed reply, I was out of town. website name is http://www.india mart.com/. when I open this website error showsRequest denied by pfSense proxy: 403 Forbidden
Reason:
Client address: 192.168.2.10
Client name: edp2.localdomain
Client group: Purchasers
Target group: blk_BL_adv
URL: http://www.india mart.com/192.168.2.10/edp2.localdomain-GETI have configure a white list with this website for purchase group and considered it on top of order. please see below screen shots
-
Sorry one image wrongly posted please ignore that.
-
Your configuration looks to be correct. Anything of note if you look at the three logs at Services - Proxy filter - Log?
-
I note one thing also when I am making any changes to any group acl or target categories, changes has not done. neither showing any error. that is why whitelist changes also not working.
eg – I have changed group acl of one client but it is still showing in old group acl. I have no idea what is the issue. Kinldy help..GUI log is as per below
30.09.2015 11:59:31 [squid_reconfigure] Add new redirector options to Squid config.
30.09.2015 11:59:31 [squid_reconfigure] Remove old redirector options from Squid config.
30.09.2015 11:59:31 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-i386/etc/squidGuard/squidGuard.conf'.
30.09.2015 11:59:31 [sg_redirector_base_url] Select redirector base url (http://192.168.2.2:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
30.09.2015 11:59:31 [sg_create_config] Add Default
30.09.2015 11:59:31 [sg_create_config] Add ACL's: GIL; Purchasers; unblock; Export; GI; Moderate;
30.09.2015 11:59:31 [sg_redirector_base_url] Select redirector base url (http://192.168.2.2:80/sgerror.php?url=403%20If%20you%20think%20something%20wrong%20then%20please%20contact%20to%20ithelpdesk%40gargwire.com&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
30.09.2015 11:59:31 [sg_create_config] Add rewrites: safesearch;
30.09.2015 11:59:31 [sg_create_config] Add destinations: Whitelist; redlist; Virus; Video; Sports; Song; Software; Shopping; news; Mobile; Employment;
30.09.2015 11:59:31 [sg_create_config] Added: blk_BL_adv; blk_BL_aggressive; blk_BL_alcohol; blk_BL_anonvpn; blk_BL_automobile_bikes; blk_BL_automobile_boats; blk_BL_automobile_cars; blk_BL_automobile_planes; blk_BL_chat; blk_BL_costtraps; blk_BL_dating; blk_BL_downloads; blk_BL_drugs; blk_BL_dynamic; blk_BL_education_schools; blk_BL_finance_banking; blk_BL_finance_insurance; blk_BL_finance_moneylending; blk_BL_finance_other; blk_BL_finance_realestate; blk_BL_finance_trading; blk_BL_fortunetelling; blk_BL_forum; blk_BL_gamble; blk_BL_government; blk_BL_hacking; blk_BL_hobby_cooking; blk_BL_hobby_games-misc; blk_BL_hobby_games-online; blk_BL_hobby_gardening; blk_BL_hobby_pets; blk_BL_homestyle; blk_BL_hospitals; blk_BL_imagehosting; blk_BL_isp; blk_BL_jobsearch; blk_BL_library; blk_BL_military; blk_BL_models; blk_BL_movies; blk_BL_music; blk_BL_news; blk_BL_podcasts; blk_BL_politics; blk_BL_porn; blk_BL_radiotv; blk_BL_recreation_humor; blk_BL_recreation_martialarts; blk_BL_recreation_restaurants; blk_BL_recreation_sports; blk_BL_recreation_travel; blk_BL_recreation_wellness; blk_BL_redirector; blk_BL_religion; blk_BL_remotecontrol; blk_BL_ringtones; blk_BL_science_astronomy; blk_BL_science_chemistry; blk_BL_searchengines; blk_BL_sex_education; blk_BL_sex_lingerie; blk_BL_shopping; blk_BL_socialnet; blk_BL_spyware; blk_BL_tracker; blk_BL_updatesites; blk_BL_urlshortener; blk_BL_violence; blk_BL_warez; blk_BL_weapons; blk_BL_webmail; blk_BL_webphone; blk_BL_webradio; blk_BL_webtv; .
30.09.2015 11:59:31 [sg_create_config] Add blacklist entries
30.09.2015 11:59:31 [sg_create_config] Add sources: GIL Purchasers unblock Export GI Moderate
30.09.2015 11:59:31 [squidguard_rebuild_db] Start rebuild DB.
30.09.2015 11:59:20 [squidguard_rebuild_db] Create rebuild config '/usr/pbi/squidguard-i386/etc/squidGuard/squidGuard__usrdbrebuild.conf'.
30.09.2015 11:59:20 [sg_redirector_base_url] Select redirector base url (http://192.168.2.2:80/sgerror.php?url=403%20404&a=%a&n=%n&i=%i&s=%s&t=%t&;u=%u)
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'Employment' = '/var/db/squidGuard/Employment'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'Mobile' = '/var/db/squidGuard/Mobile'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'news' = '/var/db/squidGuard/news'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'Shopping' = '/var/db/squidGuard/Shopping'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'Software' = '/var/db/squidGuard/Software'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'Song' = '/var/db/squidGuard/Song'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'Sports' = '/var/db/squidGuard/Sports'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'Video' = '/var/db/squidGuard/Video'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'Virus' = '/var/db/squidGuard/Virus'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'redlist' = '/var/db/squidGuard/redlist'.
30.09.2015 11:59:20 [sg_create_simple_config] Added item 'Whitelist' = '/var/db/squidGuard/Whitelist'.
30.09.2015 11:59:20 [sg_create_simple_config] Begin with dbhome='/var/db/squidGuard'.
30.09.2015 11:59:20 [squidguard_rebuild_db] Begin with path '/var/db/squidGuard'.
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Employment domains 'timesjobs.com naukri.com shine.com';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Mobile domains 'oppomobile.in phonearena.com themobileindian.com xiaomishop.com 91mobiles.com pricebaba.com gsmarena.com micromaxinfo.com smartprix.com pricebaba.com theinformr.in';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add news domains 'Bhaskar.com Bhaskarhindi.com amarujala.com webduniya.com navbharattimes.com intoday.in patrika.com punjabkesari.in dailykesari.com samachar.com aajtak.in haribhoomi.com ndtv.com newsbharati.com jagran.com w3newspapers.com prabhatkhabar.com epapr.in newindianexpress.com navabharat.com medianama.com sachkahoon.com techweb.com raftaar.in abplive.in amarujala.com punjabkesari.in newsnation.in news24online.com news24.com livetvchannelsfree.com zengatv.com zeenews.india.com dittotv.com samachar.com dnaindia.com indiatimes.com abplive.in newtvworld.com networld.com hellotv.in indiatvnews.com in.com samaylive.com yupptv.com indiapress.org allindiannewspapers.com newshunt.com khaskhabar.com bollywoodhungama.com bollywood.com';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Shopping domains 'flipkart.com snapdeal.com amazon.in myntra.com imshopping.rediff.com jabong.com naaptol.com yebhi.com yepme.com infibeam.com homeshop18.com shopclues.com shopping.indiatimes.com inkfruit.com Pepperfry.com Fashionara.com Firstcry.com BabyOye.com Zovi.com Koovs.com CromaRetail.com Fashionandyou.com ShoppersStop.com Grabmore.in Shop.seventymm.com Tradus.in Futurebazaar.com Edabba.com Govasool.com Junglee.com starcj.com americanswan.com fashionandyou.com mysmartprice.com lenskart.com montecarlo.in allsales.in bluestone.com olx.in olx.com quikr.com';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Software domains 'gilisoft.com quicklyuninstall.com uninstallreview.com uninstallapp.com windowsuninstaller.org shouldiremoveit.com removetips.net howtouninstallguides.com revouninstaller.com softuninstall.com uninstallblog.com how-to-uninstall-program.com uninstallpro.com specialuninstaller.com support.2-windowserrors.com uninstallsupport.com uninstall-programs.blogspot.com uninstallerfix.com 2-uninstall.com freeuninstallguide.com appuninstall.com uninstallprogramswindows.blogspot.com addictivetips.com uninstallgeek.com mostiwant.com cnet.com lesavoiretlefer.fr experts-exchange.com neediremoveit.com neediremoveit.com un-install.info gilisoft-file-lock-pro.soft112.com malwaretips.com aegisroc.guildportal.com removeapplications.blogspot.com spicytricks.com gilisoft-file-lock-pro.soft32.com programerrors.com programerrors.com facelesshackers.blogspot.com softpedia.com gilisoft-secure-disccreator.en.softonic.com prouninstaller.com softadvice.informer.com howtoqspot.com oxhow.com pcuninstallhelp.com uninstallsoftware.org trickpatch.blogspot.com software88.com hola.org efreesoftwarez.blogspot.com fiuxy.com gilisoft-private-disk.software.informer.com balajsingh.blogspot.com download3k.com softwaremilk.com androidemix.com trendmicro.com anonymox.net';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Song domains 'gaana.com';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Sports domains 'vcricket.com';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Video domains 'hotstar.com';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Virus expressions '(.(google|yahoo).(search_query|keywords|search|query|q|p)=.(+|%20)(proxy|bypass).(-|+|%20).(proxy|bypass).*)';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Virus domains 'bharatonlinework.com webssearches.com 99acres.com magicbricks.com shaadi.com proxy-bypass.com filterbypass.me bypasskey.com proxifier.com proxifier.com keepanonymous.com nwi.anonymox.net anonymox.net';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add redlist domains 'livehindistan.com';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add Whitelist domains 'ifsccodebank.com ifsc-code.net uidai.gov.in delhi.gov.in hdfcbank.com hdfc.com corpbank.com sbi.co.in labour.up.nic.in hrylabour.gov.in labour.delhi.gov.in labour.gov.in esic.nic.in esicdelhi.org.in labourbureau.nic.in labour.gc.ca citehr.com licindia.in mail.google.com mail.gmail.com hspcb.gov.in grotal.com netbanking.hdfcbank.com onlinesbi.com netpnb.com incometaxindia.gov.in finmin.nic.in india.gov.in epfindia.gov.in epfoservices.in epfindia.nic.in skga.in dgft.gov.in dhl.co.in tnt.com epfindia.com esic.in divshare.com hensel-electric.de dvat.gov.in tdscpc.gov.in eicindia.net sun.com eicindia.gov.in icai.org icsi.edu icmai.in icwai.org casbicwai.org mca.gov.in lv2000.com maheshwari.org examicmai.org eicwai.org polymetalindia.com oal.co.za alibaba.com tinxsys.com blackberry.com ebay.com fence-erect.co.za screenex.co.za bankifsccode.com bankbazaar.com ifsccodebank.com indian-banks.info bankmicrcode.com ifsc-code.com thebankcodes.com rcom.co.in relianceada.com bsigroup.com ecol.com ecol.xyz astm.org usps.gov resource.org dlqyw.net theswiftcodes.com bank-code.net hdfcbank.com zamzar.com clag.org.uk yolasite.com mdurohtak.ac.in mdudde.net aliexpress.com deccanherald.com profil.wp.pl howtoexportimport.com jaibalaji.firm.in pdfstandard.net webstore.iec.ch serpro.gov.br csoisw.gov.in billdesk.com cbec.gov.in delhicourts.nic.in panchang.com mypanchang.com hdfcbank.com netpnb.com dtdc.com clubindia.com indiamart.com lulusoso.com charteredclub.com dipp.nic.in';
30.09.2015 11:59:20 [sg_reconfigure_user_db] Add user entries
30.09.2015 11:59:20 [sg_reconfigure_user_db] Begin with '/var/db/squidGuard'
30.09.2015 11:58:45 [squid_reconfigure] Add new redirector options to Squid config.
30.09.2015 11:58:45 [squid_reconfigure] Remove old redirector options from Squid config.
30.09.2015 11:58:45 [sg_reconfigure] Save squidGuard config to '/usr/pbi/squidguard-i386/etc/squidGuard/squidGuard.conf'.
30.09.2015 11:58:45 [sg_redirector_base_url] Select redirector base url (http://192.168.2.2:80/sgerror.php?url=403%20&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
30.09.2015 11:58:45 [sg_create_config] Add Default
30.09.2015 11:58:45 [sg_create_config] Add ACL's: GIL; Purchasers; unblock; Export; GI; Moderate;
30.09.2015 11:58:45 [sg_redirector_base_url] Select redirector base url (http://192.168.2.2:80/sgerror.php?url=403%20If%20you%20think%20something%20wrong%20then%20please%20contact%20to%20ithelpdesk%40gargwire.com&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u)
30.09.2015 11:58:45 [sg_create_config] Add rewrites: safesearch; -
Doktornotor had made a bunch of fixes to Squid. You might want to update and see if it solves your issue.
-
Thank you KOM , kindly let me know how to update squid. is squid package to be re-installed.
-
You upgrade packages in the same place that you install them from. Go to System - Packages - Installed packages. Look for squid in your list in Installed Packages. To the far right there are several buttons. One of them has the text pkg inside the button. Click it to upgrade that package.
-
Thanks you KOM for your guidance, all things are working now.
-
Thanks for testing.
-
Thanks you doktornotor for your kind work.
-
I've got the same issues it seems. I am running the latest version of pfsense, squid and squidguard. In squidguard under common acl tab I have selected "Do not allow IP-Addresses in URL" I notice that this causes facebook mobile chat not to connect as I am seeing the following logs:
15.10.2015 19:18:01 10.0.2.11/android-58e1c12f4ef215d8.syndicate.com 31.13.77.5:443 Request(default/in-addr/-) -CONNECT REDIRECT.
In target categories I created a new rule allowing access to the following domain: 31.13.77.5 I called the rule facebook_chat. Back in common acl under target rules I have selected "allow" for this facebook_chat rule and above that area that rule is at the front just after the dummy rule that allows squidguard to function properly.
Did I miss something?
TIA
